Re: [redhat-lspp] Getting rid of multilevel objects
- From: Klaus Weidner <klaus atsec com>
- To: Joe Nall <joe nall com>
- Cc: casey schaufler-ca com, lspp-list <redhat-lspp redhat com>, Chad Hanson <chanson TrustedCS com>
- Subject: Re: [redhat-lspp] Getting rid of multilevel objects
- Date: Wed, 5 Jul 2006 16:10:51 -0500
On Wed, Jul 05, 2006 at 03:41:35PM -0500, Joe Nall wrote:
> On the HP CMW, /dev/null has a WILDCARD label
>
> cmw:joe> lslevel /dev/null
> /dev/null WILDCARD
>
> WILDCARD is really the absence of a label (literally a null pointer
> in the API). This is equivalent to a SystemLow-SystemHigh range for
> most applications.
The SELinux MLS policy supports trusted objects for this purpose, so this
would not really require a ranged object.
> Directories are not ranged, but have to satisfy the constraint that
> the directory contents must dominate the directory. To create a file
> in a directory with a lower classification, the creating process must
> have the allowmacwrite privilege. Directory relabels are only
> possible if the directory is empty.
This gets back to the original question - is there a real need in the
SELinux MLS policy for regular users to access multilevel objects other
than specific exceptions for trusted objects? It would simplify analysis
to get rid of them.
-Klaus
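The directory-dominance rule, the allowmacwrite override, the empty-directory relabel restriction and the WILDCARD-as-full-range idea discussed above, written out as an added Python model. This is illustration code, not HP CMW or SELinux code; the label encoding, the `allowmacwrite` flag and the SystemLow/SystemHigh values are assumptions.

```python
# Added example: a minimal model of the MLS rules discussed in this thread.
# A label is (sensitivity level, frozenset of categories). Label A dominates B
# when A's level is >= B's level and A's categories are a superset of B's.
# Names, values and the privilege flag are assumptions for illustration only,
# not the behaviour of any real system.
from dataclasses import dataclass, field

SYSTEM_LOW = (0, frozenset())                    # assumed lowest label
SYSTEM_HIGH = (3, frozenset({"A", "B", "C"}))    # assumed highest label


def dominates(a, b):
    """True if label a dominates label b (frozenset >= is 'is superset')."""
    return a[0] >= b[0] and a[1] >= b[1]


@dataclass
class Directory:
    label: tuple
    entries: dict = field(default_factory=dict)  # name -> file label


def can_create(directory, new_label, allowmacwrite=False):
    """Contents must dominate the directory, unless the caller holds the
    (hypothetical) allowmacwrite privilege, which permits a lower label."""
    return dominates(new_label, directory.label) or allowmacwrite


def create(directory, name, new_label, allowmacwrite=False):
    """Create a file entry if the dominance constraint (or privilege) allows."""
    if not can_create(directory, new_label, allowmacwrite):
        return False
    directory.entries[name] = new_label
    return True


def can_relabel(directory):
    """Directory relabels are only allowed while the directory is empty."""
    return not directory.entries


def in_range(label, low=SYSTEM_LOW, high=SYSTEM_HIGH):
    """A WILDCARD/ranged object behaves like a SystemLow..SystemHigh range:
    any single-level label between low and high is acceptable."""
    return dominates(label, low) and dominates(high, label)
```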